<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
	<title>XSS bugs</title>
	<script type="text/javascript" src="server.js"></script>
	<script type="text/javascript">
	    function loadhandler() {
            showHelpPath();
            patchAnchors();
        }

	</script>
</head>

<body onload = "loadhandler()">
<h1>Other JSP bugs</h1>

<h3 id="path"></h3>

This bug can be tested on an infocenter or in Workbench mode.
<br>
Click each of the links in turn. If any of them causes a message dialog, a new window or a new tab to open, that is a symptom of an XSS bug.
If the browser shows a warning that it has modified the site to prevent cross-site scripting,
that is also a problem.
<br>
<a href = "../../../../../advanced/search.jsp?searchWord=&maxHits=500&workingSet=All%20topics%27/%3E%3Cscript%3Ealert%2842752%29%3C/script%3E" >
Link X1</a>
<br>
<a href = "../../../../../advanced/search.jsp?searchWord=%3E%22%27%3E%3Cscript%3Ealert%283854%29%3C/script%3E&maxHits=%3E%22%27%3E%3Cscript%3Ealert%283854%29%3C/script%3E&workingSet=%3E%22%27%3E%3Cscript%3Ealert%283854%29%3C/script%3E" >
Link X2</a>
<br>
<a href = "../../../../../advanced/workingSet.jsp?operation=add%22/%3E%27;%3C/script%3E%3Cscript%3Ealert%2853827%29%3C/script%3E&workingSet=" >
Link X3</a>
<br>
<a href = "../../../../../basic/searchView.jsp?searchWord=%27/%3E%3Cscript%3Ealert%2851887%29%3C/script%3E&maxHits=500&scopedSearch=true" >
Link X4</a>
<br>
<a href = "../../../../../basic/searchView.jsp?searchWord=%3E%22%27%3E%3Cscript%3Ealert%2850929%29%3C/script%3E&maxHits=%3E%22%27%3E%3Cscript%3Ealert%2850929%29%3C/script%3E&scopedSearch=%3E%22%27%3E%3Cscript%3Ealert%2850929%29%3C/script%3E" >
Link X5</a>
<br>
<a href = "../../../../../advanced/search.jsp?searchWord=&maxHits=500&workingSet=<script>window.open('http://www.eclipse.org/')</script>" >
Link X6</a>
<br>
<a href = "../../../../../index.jsp?'onload='alert(0)">
Link X7</a>
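<br>
Added example, not part of the original test page or of the help system's code: a scripted version of the manual check above, reporting which query parameters of a test link come back unencoded in a response. The function names, the localhost base URL and the two response fragments are assumptions constructed for the illustration; only the Link X4 URL is taken from this page.

```javascript
// Characters that let a reflected value leave HTML text or a quoted attribute.
const HAS_RISKY = /[&<>"']/;
const RISKY_ALL = /[&<>"']/g;

// Encode every risky character as a numeric character reference,
// so none of them reaches the page as markup.
function encodeForHtml(value) {
  return value.replace(RISKY_ALL, (c) => "&#" + c.charCodeAt(0) + ";");
}

// Return the names of query parameters whose decoded value contains a risky
// character and appears verbatim (unencoded) in the response body.
function reflectedParams(testUrl, responseBody) {
  // The base URL is a placeholder; only the query string matters here.
  const query = new URL(testUrl, "http://localhost/").searchParams;
  const hits = [];
  for (const [name, value] of query) {
    if (HAS_RISKY.test(value) && responseBody.includes(value)) {
      hits.push(name);
    }
  }
  return hits;
}

// Link X4 exactly as it appears on this page.
const LINK_X4 =
  "../../../../../basic/searchView.jsp?searchWord=%27/%3E%3Cscript%3Ealert" +
  "%2851887%29%3C/script%3E&maxHits=500&scopedSearch=true";

// Constructed response fragments: one echoes searchWord as received,
// the other encodes it before writing it into the attribute.
function sampleBodies() {
  const word = new URL(LINK_X4, "http://localhost/").searchParams.get("searchWord");
  return {
    raw: "value='" + word + "'",
    encoded: "value='" + encodeForHtml(word) + "'",
  };
}

const bodies = sampleBodies();
console.log("raw echo:    ", reflectedParams(LINK_X4, bodies.raw));
console.log("encoded echo:", reflectedParams(LINK_X4, bodies.encoded));
```

A verbatim match only detects values echoed without any encoding, so it complements clicking the links in a browser rather than replacing it.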

</body>
</html>